Paula Reaume-Zimmer had only been President and CEO of Bluewater Health for 10 months when she received a call no hospital leader wants to receive: there was concerning activity on the hospital's computer network and suspicion of a potential cyber breach.
“I remember holding the phone to my chest, thinking, 'I can't believe this is happening.'"
By the end of the day, it was confirmed that Bluewater Health – along with four peer hospitals – was experiencing a ransomware cyberattack. Leaders tackled three critical fronts—executives coordinated with information technology (IT) security and legal teams to assess the breach, IT assessed impacts to operating systems, and hospital teams developed innovative workflows for a possible extended downtime.
Without computer network access, clinical teams across the hospital quickly turned to their downtime procedures, which included paper forms to ensure that patient care could continue safely. Clinical staff were familiar with downtime procedures, which are used during routine IT maintenance, but these procedures were typically used for minutes or hours. It soon became clear that these procedures might be needed for much longer. No one, in those early days, imagined the system would be down for three months.
Despite having downtime procedures, teams soon recognized their strong reliance on basic technology. Email, network printers, and operating systems were inaccessible, internet access was inconsistent, and the phone system faced occasional outages. This was challenging for clinical staff who had only worked in a technology-dependent environment.
“We provided excellent, safe care before computers," Jane Mathews, Bluewater Health's Vice-President Clinical Support Services and Chief Nursing Executive, found herself reminding staff.
Clinical informatics and professional practice supervisors updated the clinical downtime forms to reflect the most recent screen forms in use. The paper forms were designed so that clinical staff could make selections with a checkmark as often as possible, minimizing the amount of writing needed. The hospital reverted to historical practices of faxing information between units and to external providers because electronic distribution wasn't available.
Bluewater Health expanded its daily leadership huddle to manage hospital-wide communications. Leaders met in person to discuss issues, share updates on new manual procedures, and report recovery efforts, with physician leaders engaged. The huddle also served as a vital forum for leadership to understand frontline clinicians' needs. The communications department prepared paper binders for each unit with organization-wide updates, and executives rounded day and night to keep teams informed. Sharing information remained challenging, as updates were fluid and the critical question—when systems would be back online—remained unanswered.
There were many avenues for finding solutions to the numerous challenges staff faced. Mathews notes that initially the downtime procedures, “didn't cover the full patient journey." Two examples of gaps that were quickly identified and addressed were patient armbands and meal distribution. Checking patient armbands before proceeding with testing or treatment is a key step in patient safety, and they are printed upon admission. A standalone computer and printer were set up for a new “armband team," made up of administrative staff who were temporarily unable to do their primary work without access to the IT network. A manual process was also developed to provide individuals with meals that met their dietary needs and preferences.
With so many new manual procedures, double and sometimes even triple checks to ensure patient safety were more important than ever. The adverse event reporting procedure, which requires staff to report mistakes and near misses, was also adapted to a manual process. The patient safety coordinator monitored this closely for trends, allowing them to revise patient care processes to mitigate potential errors.
Amid priorities for delivering safe patient care using manual procedures, the hospital also faced a lack of working payroll and accounts payable systems. Payroll, finance, human resources, and scheduling teams collaborated to ensure employees were paid. Those payments were cash advances for employees, later reconciled manually when systems were restored—just a week before Christmas. This intensive work ensured all payments were corrected by year's end, avoiding tax issues and potential T4 complications for staff and the hospital. The accounts payable system, however, remained offline until April, requiring finance to manually process and reconcile vendor payments over the five-month period.
Marlene Kerwin, Vice-President Corporate Services & Chief Financial Officer, served as the internal lead for recovery efforts. She stressed, “It's such an arduous process to get systems back online. The hospital couldn't just flip a switch and be back up and running because of the need to ensure no lingering contamination from cybercriminals."
At the time of the attack, Bluewater Health was planning a transition to a new hospital information system. They chose to expedite this process, requiring teams to simultaneously focus on system recovery and the new system's implementation.
Matt Goss, Director of Information Technology and Systems Integration, played a crucial role during the downtime, leading the prioritization of system recovery. With hundreds of clinical and support systems critical to hospital operations, the team employed an ethical decision-making framework to guide recovery efforts.
Every department across the hospital stepped up to find new ways to operate to ensure accuracy and excellence, whether their staff were directly involved in patient care, or in supporting fellow staff providing that care.
Reaume-Zimmer recalls, “the most difficult thing was watching all the team members working so hard, and we couldn't give them the tools they relied on. I quickly became confident with their resourcefulness, to get the job done, and provide safe care for our patients."
Leaders are convinced that Bluewater Health's culture of kindness provided the foundation for this commitment and resilience.
Next month, Part 2, will look at how culture and high levels of trust helped Bluewater Health meet this extraordinary challenge.